Nexo

We’re Giving out 10 BTC in Rewards until the Bitcoin Halving

Learn More
Home » Analysis » BSC, Ethereum DeFi Projects Hit in $14.4M Hack

BSC, Ethereum DeFi Projects Hit in $14.4M Hack

by

Dego Finance confirmed that its private key had been compromised.

Pnetwork hack defi
Shutterstock cover by suriyachan

Key Takeaways

  • An unknown hacker drained $14.4 million from Dego Finance and Cocos-BCX last night.
  • Dego confirmed the attack in an update and denied that it was an inside job.
  • The nature of the attack suggests that Dego and Cocos-BCX may be run by the same team.

Share this article

An unknown attacker targeted two crypto projects, the Binance Smart Chain-based protocol Dego Finance and Ethereum-based GameFi project Cocos-BCX last night, making off with about $14.4 million worth of digital assets.  

Hackers Bag $14.4M in Latest DeFi Attack 

Dego Finance and Cocos-BCX both suffered an exploit last night.

According to security firm PeckShield, an unknown hacker successfully drained around $14.4 million from the liquidity pools for the projects on Uniswap and PancakeSwap. The incident occurred Wednesday at around 23:30 UTC. The hacker’s Binance Smart Chain currently contains around $9.6 million worth of BNB, Binance-pegged ETH, and other assets, while their Ethereum wallet holds roughly $4.8 million. The majority of the funds were drained from Dego Finance, the better known of the two projects. 

Dego aims to be a “lego” of the decentralized ecosystem, giving users a way to gain exposure to the burgeoning DeFi and NFT niches. It has its own NFT ecosystem and a token called DEGO. Cocos-BCX is a “GameFi enabler” built on Ethereum. It focuses on supporting emerging GameFi projects through incubating, investing, and community building.

The hacker was able to steal the funds from the projects after a private key was compromised, the Dego team told PeckShield. The team added that the hack was not a “rug pull”—a common practice in the DeFi world in which project teams, usually those who stay anonymous, disappear with investors’ funds or remove liquidity so that the native token price tanks to zero. 

Announcing the exploit on Twitter early Thursday, the Dego team confirmed that it had asked cryptocurrency exchanges to close deposits for its DEGO token in order to prevent the hacker’s ability to profit off their liquidity. In a separate post, the team informed the community that it was working with security teams “to identify the hacker and retrieve loss.” Cocos-BCX, meanwhile, is yet to share an update on the hack through its official channels. 

Following the hack, DEGO crashed. According to data from CoinGecko, it plummeted from $4.50 to $3.81 and is now trading at $4.06 at press time, down about 11.4% on the day. COCOS, the native token for Cocos-BCX, had a milder drop of 3.4%, putting its current trading price at $1.54. 

Commenting on the attacks, PeckShield founder and CEO Xuxian Jiang told Crypto Briefing that it was possible the admin keys for both projects were secured on a single system that got compromised, such as a laptop. If true, this means the two projects may have been run by the same team. However, Crypto Briefing had not received a response at the time of publishing this article to verify the claim.  

The latest DeFi attack comes only a few days after a widely-publicized hack on Wormhole, in which $322 million in ETH was stolen from the Solana to Ethereum bridge. The $322 million loot made it the second biggest DeFi attack ever.

Share this article

The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

Crypto Briefing may augment articles with AI-generated content created by Crypto Briefing’s own proprietary AI platform. We use AI as a tool to deliver fast, valuable and actionable information without losing the insight - and oversight - of experienced crypto natives. All AI augmented content is carefully reviewed, including for factural accuracy, by our editors and writers, and always draws from multiple primary and secondary sources when available to create our stories and articles.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.